Cisco switches in internal time reference pool - NTP

Cisco switches in internal time reference pool

Hello,

I'm building a pool of internal time servers (which will run in stratum
2) that will be used for synchronizing time for all other computers in
the network.
Is it a good idea to include some Cisco switches (say two) into the
pool? Do they make a reliable time source when used in symmetrical
active mode using a statement like "ntp peer ntp2.local.net key 42" in IOS?

Thanks,
Timo

Re: Cisco switches in internal time reference pool

Timo,

Timo Ruiter wrote:
> I'm building a pool of internal time servers (which will run in stratum
> 2) that will be used for synchronizing time for all other computers in
> the network.
> Is it a good idea to include some Cisco switches (say two) into the
> pool? Do they make a reliable time source when used in symmetrical
> active mode using a statement like "ntp peer ntp2.local.net key 42" in IOS?

It depends. How important is accuracy? How many NTP clients per switch?
What is the CPU load on these switches, and how worried are you about
CPU load on them? How trustworthy are the clients (e.g. how much do you
trust the clients not to launch a DoS attack against your IP
infrastructure, intentionally or otherwise)?

In my opinion it is unwise to use an embedded NTP server (i.e. an NTP
server that is included within a specialised platform whose primary
purpose is not time keeping, such as a router, media gateway, ...),
unless accuracy, resource usage and security are all secondary to the
cost savings as compared to running ntpd on a "proper" server.

Cheers, Jan

Re: Cisco switches in internal time reference pool

Timo Ruiter wrote:
> Hello,
>
> I'm building a pool of internal time servers (which will run in stratum
> 2) that will be used for synchronizing time for all other computers in
> the network.
> Is it a good idea to include some Cisco switches (say two) into the
> pool? Do they make a reliable time source when used in symmetrical
> active mode using a statement like "ntp peer ntp2.local.net key 42" in IOS?
>
> Thanks,
> Timo

Cisco equipment is designed to do routing or switching, as the case may
be. It gives priority to the routing or switching it's supposed to be
doing. It may work. Unless there is some reason you NEED to try it,
don't!

Pick four servers to run ntpd and serve time to everyone else.
Configure them to do so and configure the clients to use those four
servers. The four should peer with each other and each should have at
least one unique source of time. The servers need not be dedicated;
ntpd does not require a lot of computing power!
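
Added example (not part of the thread and not any poster's own configuration): the layout recommended in the last reply, written as an ntp.conf for the first of four ntpd servers. The names ntp1, ntp3 and ntp4.local.net, the upstream source name, the file paths and the restrict policy are assumptions; ntp2.local.net and key 42 are taken from the original question.

```conf
# /etc/ntp.conf on ntp1.local.net (constructed example). ntp2, ntp3 and ntp4
# use the same file with their own upstream source and the other three
# servers listed as peers.

driftfile /var/lib/ntp/ntp.drift

# Symmetric keys shared by the four servers. The key file holds lines of the
# form "<id> <type> <secret>", for example "42 SHA1 <secret>"; keep it
# readable by the ntpd user only.
keys /etc/ntp/keys
trustedkey 42

# At least one time source that none of the other three servers uses.
# upstream-a.example is a placeholder name.
server upstream-a.example iburst

# Peer with the other three pool members, authenticated with key 42.
peer ntp2.local.net key 42
peer ntp3.local.net key 42
peer ntp4.local.net key 42

# Serve time to clients, but refuse ntpq/ntpdc queries and runtime
# configuration changes, and do not let unauthenticated hosts mobilise
# new associations. The configured peers above are unaffected by nopeer.
restrict default nomodify notrap nopeer noquery

# Allow full access from the local host for monitoring with ntpq.
restrict 127.0.0.1
restrict ::1
```

Clients then list all four servers with plain `server` lines, so the loss of one server or one upstream source still leaves them a majority to compare against.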